Hi Roman,

> When parsing a manifest in the PE module, an access to the zero address and a crash are possible. It happens because not all manifest attributes may be specified, and pointers in the assembly_identity structure can be uninitialized. This patch adds a function for setting empty strings in the structure elements when they are not initialized.

Your patch looks like a workaround. You should fix the code to cope with NULL pointers correctly instead of allocating useless empty strings. Also, initialize_assembly_identity doesn't make sense: ai is initialized a few lines later by a memset call.

Jacek
Jacek Caban wrote:
> Hi Roman,
>
>> When parsing a manifest in the PE module, an access to the zero address and a crash are possible. It happens because not all manifest attributes may be specified, and pointers in the assembly_identity structure can be uninitialized. This patch adds a function for setting empty strings in the structure elements when they are not initialized.
>
> Your patch looks like a workaround. You should fix the code to cope with NULL pointers correctly instead of allocating useless empty strings. Also, initialize_assembly_identity doesn't make sense: ai is initialized a few lines later by a memset call.

Thanks for your notes! I've rewritten the patch, appended some changes and split it into small parts.
On Wed, Mar 11, 2009 at 2:40 PM, Roman Mindalev <lists@r000n.net> wrote:
> Jacek Caban wrote:
>> Hi Roman,
>>
>>> When parsing a manifest in the PE module, an access to the zero address and a crash are possible. It happens because not all manifest attributes may be specified, and pointers in the assembly_identity structure can be uninitialized. This patch adds a function for setting empty strings in the structure elements when they are not initialized.
>>
>> Your patch looks like a workaround. You should fix the code to cope with NULL pointers correctly instead of allocating useless empty strings. Also, initialize_assembly_identity doesn't make sense: ai is initialized a few lines later by a memset call.
>
> Thanks for your notes! I've rewritten the patch, appended some changes and split it into small parts.

Please send only one patch per e-mail.
Austin English wrote:
> On Wed, Mar 11, 2009 at 2:40 PM, Roman Mindalev <lists@r000n.net> wrote:
>> Jacek Caban wrote:
>>> Hi Roman,
>>>
>>>> When parsing a manifest in the PE module, an access to the zero address and a crash are possible. It happens because not all manifest attributes may be specified, and pointers in the assembly_identity structure can be uninitialized. This patch adds a function for setting empty strings in the structure elements when they are not initialized.
>>>
>>> Your patch looks like a workaround. You should fix the code to cope with NULL pointers correctly instead of allocating useless empty strings. Also, initialize_assembly_identity doesn't make sense: ai is initialized a few lines later by a memset call.
>>
>> Thanks for your notes! I've rewritten the patch, appended some changes and split it into small parts.
>
> Please send only one patch per e-mail.

Ok
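The approach Jacek asks for, shown as an added example that is not code from the thread or from the project: a simplified, hypothetical assembly_identity stand-in whose pointers stay NULL for absent manifest attributes, with comparison code that treats NULL as an empty string instead of allocating one. The attribute-list format, the get_attr helper and the sample values are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>
/* Hypothetical, simplified stand-in for the assembly_identity structure from
 * the thread: every manifest attribute is optional, so any pointer may stay NULL. */
struct assembly_identity {
    char name_buf[64], arch_buf[32], token_buf[32];
    const char *name, *arch, *public_key_token;   /* NULL when the attribute is absent */
};

/* Copies the value of key="value" out of a flattened attribute list into buf.
 * Returns buf, or NULL when the attribute is not present at all. */
static const char *get_attr(const char *attrs, const char *key, char *buf, size_t bufsz)
{
    size_t klen = strlen(key);
    const char *p = attrs;
    while ((p = strstr(p, key)) != NULL) {
        if ((p == attrs || p[-1] == ' ') && strncmp(p + klen, "=\"", 2) == 0) {
            const char *v = p + klen + 2, *end = strchr(v, '"');
            size_t n = end ? (size_t)(end - v) : strlen(v);
            if (n >= bufsz) n = bufsz - 1;   /* truncate rather than overflow buf */
            memcpy(buf, v, n);
            buf[n] = '\0';
            return buf;
        }
        p += klen;
    }
    return NULL;
}

/* Fills ai from the attribute list; absent attributes stay NULL after the memset. */
static void parse_identity(const char *attrs, struct assembly_identity *ai)
{
    memset(ai, 0, sizeof(*ai));
    ai->name = get_attr(attrs, "name", ai->name_buf, sizeof ai->name_buf);
    ai->arch = get_attr(attrs, "processorArchitecture", ai->arch_buf, sizeof ai->arch_buf);
    ai->public_key_token = get_attr(attrs, "publicKeyToken", ai->token_buf, sizeof ai->token_buf);
}

/* NULL-safe comparison: a missing attribute compares as "", so strcmp() never sees NULL. */
static int str_eq_nullsafe(const char *a, const char *b)
{
    return strcmp(a ? a : "", b ? b : "") == 0;
}

static int identity_match(const struct assembly_identity *a, const struct assembly_identity *b)
{
    return str_eq_nullsafe(a->name, b->name) && str_eq_nullsafe(a->arch, b->arch)
        && str_eq_nullsafe(a->public_key_token, b->public_key_token);
}
```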